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FIG. 7 



USER OF HOME CLIENT EXECUTES HOME 
CLIENT APPLICATION (HCA) AND DESIGNATES 
PRIVATE DATA TO ENCRYPT AND TRANSFER 
TO THE SERVER. 



HCA REQUEST ENCRYPTION PASSWORD 
FROM HOME CLIENT 
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FUNCTION OF THE ENCRYPTION PASSWORD 
FROM USER 



CRA ENCRYPTS PK STORED IN MEMORY AS 
FUNCTION OF THE GENERATED K1 



CLIENT APPLICATION TRANSFERS ENCYPTED 
PK (Ej^iPK) TO SERVER EXECUTING SERVER 
APPLICATION 
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THE TRANSFERRED E^^PK AND STORES E^^PK 
IN DATABASE 
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USER OF ROAMING CLIENT COMPUTER 
EXECUTES ROAMING CLIENT APPLICATION 
(RCA) AND REQUESTS TRANSFER OF 
ENCRYPTED PRIVATE DATA FROM THE 
SERVER 
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EXECUTE RCA AND SUBMIT REQUEST TO 
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FIG. 9B 



SEE FIGURE 9A 
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CLIENT USER SUBMITS AUTHENTICATION 
PASSWORD TO AUTHENTICATION SERVICE 
AND REQUESTS BACKUP OR MIGRATION OF A 
RECOVERY KEY K2 



ROAMING CLIENT APPLICATION (RCA) 
GENERATES WRAPPING KEY K1 AS FUNCTION 
OF ENCRYPTION PASSWORD 

IF PASSWORD VALID, BACKUP KEY K3 AND 
FIRST ENCRYPTION OF RECOVERY KEY E^^^K2. 
TRANSFERRED TO ROAMING CLIENT 
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RCA DECRYPTS (ENk,K2) AS A FUNCTION OF 
THE GENERATED K1 TO OBTAIN K2. 



I 

RCA ENCRYPTS K2 AS A FUNCTION OF THE 
DOWNLOADED K3 
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RCA STORES SECOND ENCRYPTED RECOVERY 
KEY E,qK2 in MEMORY OF THE ROAMING 
CLIENT. 
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FIG. 11 



SERVER RECEIVES AUTHENTICATION 
PASSWORD FROM THE ROAMING CLIENT, 
AND A REQUEST FOR ENCRYPTED PRIVATE 
KEY WITHOUT AN ENCRYPTION PASSWORD 
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SERVER APPLICATION RETRIEVES BACKUP 
KEY (K3). ENCRYPTED WRAPPING KEY 
(EK2KI). AND ENCRYPTED PRIVATE KEY 
EK^PK FROM DATABASE 
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SERVER APPLICATION TRANSFERS BACKUP 
KEY (K3). EKjKI . AND E^^PK TO CLIENT 
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CLIENT DECRYPTS SECOND ENCRYPTED 
RECOVERY KEY {E\^\<2) STORE ON CLIENT 
AS A FUNCTION OF THE TRANSFERRED K3 TO 
OBTAIN K2. 
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CLIENT DECRYPTS E^K1 DOWNLOADED 
FROM SERVER AS FUNCTION OF THE 
OBTAINED K2 TO OBTAIN K1 
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CLIENT DECRYPTS E^^PK DOWNLOADED 
FROM SERVER AS FUNCTION OF THE 
OBTAINED K1 TO OBTAIN PK 
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